Oh Gawd: Windoze 11 To Record All Your Screens Are Belong To Us…

From:

https://www.windowscentral.com/software-apps/windows-11/how-does-windows-recall-work

Comes a description of the Windoze “Recall” feature that captures images off of your screen (like, oh, browsers and such) and then lets you use “AI” to search your history by just asking questions… What could possibly go wrong?…

How does Windows 11 Recall work? We explain.

By Mauro Huculak published 23 May 2024
Here’s what you need to know about how Windows Recall works on Windows 11.

On Windows 11, Recall is a feature that uses AI to record everything you’ve done on the computer and then makes that information searchable to help you find anything you have done in the past, from a message to a file or folder, a website, and virtually anything.

The magic of Windows 11 Recall is that you can search using keywords or keyphrases and natural language for anything you have done or seen on the device, as the feature can actually understand the content and context.

OK… so “record everything you’ve done”… Urm…

The “good news” so far is that it requires a higher end PC (at present) and is limited in disk storage. The bad news is that without shutting off a bunch of things it isn’t particularly secure.

[…]
The Windows 11 Recall feature takes snapshots of every activity on the screen. When content is on the screen, the feature takes snapshots every five seconds from the previous capture. The feature doesn’t record audio or save continuous video. The snapshots are then stored locally and analyzed with AI to understand their contents, including images and text.

So it won’t record your videos, but will be able to answer questions like “Did Johnny Look At Porn?” or “Does Jane look at pictures of other girls?”. I’m sure the TLAs will love that one, and what LEO would not like the answer to “Did Scarface check out poisons or guns?”.

[…]
When you select a snapshot, you will enable the “screenray,” the feature that runs on top of the screenshot and allows you to interact with the different elements. (I find this similar to the “Text actions” features on the Snipping Tool.)

Inside the snapshot, you will find different actions. For example, you may find the option to open the source application for the content. You can copy text from a message or anything on the screen, delete the snapshot, and access the context menu to access other actions.

How nice, so snoops can conveniently clip bits to save them or auto-open the needed applications to get context…

Storage

Since the snapshots are stored locally on the computer, this feature requires some available space that the system reserves automatically. By default, Recall sets aside 25GB of storage on devices with 256GB of storage.

However, the minimum storage reservation will depend on the system storage. For instance, on a device with 512GB SSD, the default allocation will be 75GB. On a 1TB SSD, the allocation will be 150GB. You can also change this default configuration to increase or decrease the storage from the “Recall & snapshots” settings page.

So 10% minimum and about 15% on larger drives. Nice to know that automatically your disk drive space available shrinks by 15%.

AI models
Recall uses the required NPU (Neural Processing Unit) to analyze the snapshots using several multimodal smaller language models, including Screen Region Detector, Optical Character Recognizer, Natural Language Parser, Image Encoder, and Image Encoder, which are all integrated and running concurrently on Windows 11 to detect text, images, videos, audio, and more.

This is possible thanks to the new “Windows Copilot Runtime,” which integrates more than 40 AI models to power this and many other features. It also provides the infrastructure to update and maintain the models’ quality continuously.

Once the snapshot is captured, the feature combines it with system data to understand the content and context, similar to how a person would understand a piece of content. Everything is saved in the new “Windows Semantic Index” database, which differs from the Search index database.

Oh, gee, and it will be slowing down your computer by doing all sorts of AI based “recognition” and categorizing…

But hey, you can, kinda sorta, trim back what it does by listing the things you want it to not look at. One at a time… and the TLAs and LEOs have an easy “auto update” way to put “special” versions on your machine if desired. But, for now at least, Chromium Browsers are your friend as it doesn’t like them, at least if in Incognito Mode. Other browsers, maybe incognito is copied…

Security
Since everything happens on-device (also referred to as “Edge Computing”), no data is uploaded to the cloud for processing. However, the feature sometimes connects to the internet to download and install updates.

As part of the default experience using the Recall feature, it doesn’t save information from certain activities, including using Chromium-based browsers like Microsoft Edge in incognito mode or content with Digital Rights Management (DRM). Still, everything else will be scanned and stored on the computer.

If you don’t want the feature to save information for specific websites or apps, you must manually configure a filter from the “Recall & snapshots” settings page. However, this will only work on Microsoft Edge if you want to filter out a website.

But at least you will know that anything with a DRM claim will Phone Home and tell somebody that you looked at it / listened to it, so it knows not to record it.

But what about passwords? Well… just exclude each site individually…

[…]
Also, the AI timeline for Windows 11 does not perform any content moderation, so information like passwords and bank account numbers will appear with a simple search as they are saved automatically in the snapshots.

You can quickly mitigate this security concern by excluding the websites and apps that may show sensitive information.

But don’t worry, the database is on your machine and you can do something or other to make it secure, if you think of it.

[…]
Although the “Windows Semantic Index” database stays locally on your computer, it will only be private if you take the proper precautions since the Recall doesn’t include strong security protection once someone is signed into the account. For example, it’s not password protected unless you configure a password on your Windows 11 account, and encryption for the data is only available if you configure BitLocker or Device Encryption on the device.

What could possibly go wrong… especially given that it will be included in all the auto-updates all over the world…

But the good news is that, for now, it requires a high end P.C. so all the low end folks are safe, until it “improves over time”…

Windows Recall will be one of the new features released with the Windows 11 2024 Update (version 24H2). However, it will initially only be available for Copilot Plus PCs running Qualcomm Snapdragon X series processors as the feature requires an NPU that runs at 40+ TOPS, a minimum of 16GB of RAM, and 256GB of SSD.

It’s also important to note that the feature will initially be limited but will keep improving over time.

Note to self: Buy no P.C. with NPU / Snapdragon, etc. Turn off this feature if present. Avoid Windoze if at all possible.
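
An added example (not from the quoted article or this post): a read-only PowerShell audit of the two precautions the Security excerpt above names, a password on the Windows account and BitLocker / Device Encryption on the system drive. It assumes an elevated session; the function names are illustrative, and the password check is a heuristic for local accounts.

```powershell
# Added example: read-only audit of the two precautions named in the article excerpt.
# Function names are illustrative. Run elevated: Get-BitLockerVolume requires admin rights.

function Test-AccountPassword {
    # Heuristic: a local account with PasswordRequired = False, or with no
    # PasswordLastSet timestamp, may be able to sign in with a blank password.
    param([string]$UserName = $env:USERNAME)
    try {
        $user = Get-LocalUser -Name $UserName -ErrorAction Stop
        $hasPassword = $user.PasswordRequired -and ($null -ne $user.PasswordLastSet)
        [pscustomobject]@{
            Check  = 'Account password'
            Status = if ($hasPassword) { 'OK' } else { 'AT RISK' }
            Detail = "PasswordRequired=$($user.PasswordRequired); PasswordLastSet=$($user.PasswordLastSet)"
        }
    }
    catch {
        # Domain or directory accounts are not in the local account database,
        # and the cmdlet may be missing; report that instead of guessing.
        [pscustomobject]@{
            Check  = 'Account password'
            Status = 'UNKNOWN'
            Detail = $_.Exception.Message
        }
    }
}

function Test-SystemDriveEncryption {
    # The article says snapshot data is only encrypted at rest when BitLocker
    # or Device Encryption is configured, so check the drive Windows lives on.
    param([string]$MountPoint = $env:SystemDrive)
    try {
        $vol = Get-BitLockerVolume -MountPoint $MountPoint -ErrorAction Stop
        $encrypted = ($vol.ProtectionStatus -eq 'On') -and ($vol.VolumeStatus -eq 'FullyEncrypted')
        [pscustomobject]@{
            Check  = "Encryption on $MountPoint"
            Status = if ($encrypted) { 'OK' } else { 'AT RISK' }
            Detail = "ProtectionStatus=$($vol.ProtectionStatus); VolumeStatus=$($vol.VolumeStatus)"
        }
    }
    catch {
        # Not elevated, or the BitLocker module is unavailable on this edition.
        [pscustomobject]@{
            Check  = "Encryption on $MountPoint"
            Status = 'UNKNOWN'
            Detail = $_.Exception.Message
        }
    }
}

# Run both checks and show one row per precaution.
$results = @(
    Test-AccountPassword
    Test-SystemDriveEncryption
)
$results | Format-Table -AutoSize -Wrap
```

Both checks only cover data at rest and the lock screen; as the excerpt says, they do nothing once someone is signed into the account.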

About E.M.Smith

A technical managerial sort interested in things from Stonehenge to computer science. My present "hot buttons" are the mythology of Climate Change and ancient metrology; but things change...
This entry was posted in Security & Privacy, Tech Bits.

33 Responses to Oh Gawd: Windoze 11 To Record All Your Screens Are Belong To Us…

  1. mborgelt092a796e47 says:

    Sounds like an opportunity for some smart person to develop and sell a piece of software that totally and permanently disables this “feature”

  2. Keith says:

    I’m “lucky” – my day-job has (so far) not upgraded to Win11 and has no budget to spend on upgrading hardware.

    However, I’ve noticed that Windows Copilot now appears inside other MS products like Teams and Visual Studio.

    Teams, of course, “phones home” with everything people do within it, it has to, for it to work the way it does. One of its “free” features is that all the files put into Teams are no longer stored on your own LAN or SAN storage, they get stored somewhere in a MS cloud, with another free security feature that scans them all for malware or other dubious content.

    Now, what were we saying about Raspberry Pi5’s?

  3. jim2 says:

    We use Win 11 at work, but if they are spying on me, all they will find is that I occasionally search on this or that technical question. I haven’t used any flavor of Windoze anywhere else in many decades.

  4. H.R. says:

    I’m moving stuff to a new computer which has v11, I’m pretty sure.

    Before this post by E.M. appeared, I was searching to uninstall a program and I got to a screen where there were a bunch of options regarding saving stuff as you work.

    Well, I didn’t want anything recorded or saved, so I went down the list of 1/2-dozen or more choices and turned off all of the ‘helpful’ features.

    Paranoia can be a very good thing. The ‘help’ features seemed cool enough, but it was clear to me that the auto-saved stuff was going someplace in byte-heaven where there was no chance whatsoever of me at least trying to prevent unauthorized access, let alone the access probably granted to Microstuffed just by using the software.

    I can’t recall where that option to disable the auto-snoop features is located. It was “Oh… hmmm… off, off, off…. off” down the list when I stumbled across it, and then back to what I was looking for. Sorry. No help there but it is in there somewhere.

  5. another ian says:

    I quoted this at Jo Nova. One comment in reply –

    “…and there’s a serious swing back to Windows 10 as a consequence, looking at current OS market share…
    FYI – the Win 11 product key is valid for Win 10 too, so you can roll back if you’ve upgraded, or fresh install W10.”

    https://joannenova.com.au/2024/05/wednesday-58/#comment-2768908

  6. cdquarles says:

    When I rebuilt my computer, I could make it install Windows 11. The main board has the TPM stuff; but I turned that off so I could dual boot with “non approved” Linux distributions. Windows keeps trying to update that, despite that I’ve disabled secure boot/TPM. It wouldn’t surprise me that if enough people do “downgrade” to Win 10 that MS is forced to prolong its support past the date they want to end it.

  7. Power Grab says:

    Grrrr…on my main desktop computer at home, I keep getting a prompt to copy all my iCloud files down to my hard drive. When I click the “X” to close that window without doing what they say, it stays on the screen for at least a minute. Well, now it’s not taking quite so long, but I can tell they don’t want to take “No” for an answer.

    But also I have seen File Explorer has notations about my files not being “backed up”, which they have been advising me to do for some time.

    It seemed illogical for them to push me to download all my iCloud files to my hard drive, and at the same time “back up” my hard drives to some unknown place on the (I assume) cloud of a different flavor.

    Now that it has become evident that Win11 is intended to take possession of all your private files somewhere in its cloud, I’m seeing it’s just a method to snooker me into letting them take possession of all my files.

    Now, that “recall” function is even beyond that, from what I can see.

    What’s that old saying? “Stop the world! I want to get off!”

    If I didn’t have to maintain compatibility with my work system, I might make the leap to some flavor of Linux.

    And if I didn’t loathe laptop keyboards, I might just get one to dedicate to work-compatibility. I guess I have to find a way to bring in another desktop computer to dedicate to work-compatibility.

  8. another ian says:

    Power Grab

    A work laptop with a USB full size keyboard?

  9. Keith says:

    @Another Ian

    A work laptop with a USB full size keyboard

    Doesn’t everybody?

  10. E.M.Smith says:

    Rob Braxman, in a one hour live stream, has a bit of a hissy over Windows Recall doing “Key Logging” (a Very Bad Thing…). So it isn’t just analyzing your photos and such, but also (now, per his sniffer) logging ALL your key strokes? Hmmm….

    He also asserts that Apple did something similar (~”for a while”?) but maybe has stopped. OK….

    I think I’ll be using my underpowered, too dumb to do A.I. computers for a long while ;-)

    https://rumble.com/v4yhyot-what-the-zuck-windows-recall-copilot-pcs.html

    Looks like the Surveillance State has decided to embrace using your own computer and A.I. against you in a Very Big Way…. (And once again I’m happy to have multiple computers, many SBCs with limited ability and “re-flashed” as desired along with nuking the “Machine ID” identifier; so as to obscure who I am and what all I do on the machines.)

    FWIW, yes, at last, I’m actually going to use a VPN “going forward”. Until now I’ve not bothered as basically “everything I do” is in public and here on this blog. But… I now have a “client” where I have remote control of their systems, so I need to add a layer for their HIPAA compliance requirements. Oh Well….

    FWIW: I will no longer trust ANY system from a major vendor. IF I’ve not “rolled my own OS” on it, it is not trustworthy. That’s certainly Microsoft (Windows), and Google (Chromebook) but also now Apple given what Braxman had to say. And, IF my surmise about Poettering and SystemD is correct (and I do have a rather long record of being correct on security things….) it also includes any SystemD based Linux. Oh, and of course Android Phones are surely in the “Everything you say, I’ll be watching you!…” group…

  11. E.M.Smith says:

    @PowerGrab:

    Computers are incredibly cheap these days. I bought 2 (yes, two) Chromebooks at Best Buy a couple of years ago. One of them was $99. Why? I needed a “just make it go NOW” computer to keep the blog up and going while home was 3000 miles away and my “kit” was largely in boxes AND my main SPC had died (due to some static issues I didn’t tend to IIRC, or maybe it was when the 12 VDC power brick had the same connector as the desired 5 VDC one…)

    For well under $100 you can “get started” with Linux. It will take over a year to get comfortable with it, so best to get started sooner than later. Don’t worry about SystemD vs Not until you ARE comfortable. A Raspberry Pi is a reasonable place to start (and relatively cheap). They have a “Computer in a keyboard” one for relatively little money. Just under $100: https://www.amazon.com/Raspberry-Pi-Quad-Core-Bluetooth-Complete/dp/B08XS24CMV

    though you can get started for a lot less with lower performance. Under the price of a single tank of gas even.

    My approach is to have a half dozen different computers AND several uSD cards for them with different personalities, so each one does some different tasks. That way, a compromise of any one “chip system” is of minimal concern. I do Blog Stuff on one Chromebook, and (now) client stuff on another one. I have a “few” SBCs of various kinds for “Lab Work” (stuff like weather data, distributed compute R&D, etc.) and even some for “Interesting Things” ;-0

    Once you have an SBC that has the OS on a “chip”, it is about $10 for “another computer” in that you can put a different OS or build on a different “chip”. (Actually less than that if you store the chip image on a USB disk… then it’s under 1¢ per computer image ;-)

    For now, IF you do not have a Qualcomm Snapdragon Chip PC, you don’t have this particular risk (I.e. 99.99% of folks have no issue AT THIS TIME… but it’s coming for you in the future…)

    What is clear is that the Deep State is busy infiltrating Commercial Computer Makers to assure they can gather any and all data off of “your” computers. So it will be important to “move away from them on the Group W bench” as soon as reasonable.

    FWIW: The end game of this will be a move onto a BSD Unix as it is THE most secure and THE most pristine. But it is a bit hard to embrace (I.e. is oriented toward tech heavy folks…) and not very hand-holdy…

    FWIW, China has built their own secure OS (Kylin) based on BSD. (But likely with their own security breaching snoopware built in…) The BSD folks are darned good and not interested in being compromised by anyone. I was one once upon a time ;-)

  12. cdquarles says:

    I’ve used Devuan at times and PCLinuxOS for several years now. PCLinuxOS has a Debian based edition, too. I found either to work well enough for me.

  13. E.M.Smith says:

    Another Ian left a comment here: https://chiefio.wordpress.com/2024/06/04/avoid-ecosia-search-engine/#comment-170590

    that says all the data grabbed is stored in a non-encrypted file suited to data mining by hackers…

  14. E.M.Smith says:

    @Jim2:

    Golly, 99 of them when I hit the link. Many of them are familiar to me. The BSD based ones, the Devuan derivatives, and some derived from Gentoo. Void too.

    Looks like maybe it is time for me to return to the ARM SBCs and try some “spins” ;-)

    The list gets a LOT shorter pretty fast when the requirement for an ARM port is made. Slackware, for example, has one, but like Devuan it is sort of a quasi “community” thing / build. Hopefully the rapid growth of ARM based phones, tablets, laptops and even some desktops will start changing that “soon” ;-)

    FWIW, I unplugged a lot of stuff in my lab (including all the computers & UPS gear & PiHole server) when the solar storms kicked up. So it’s been Chromebooks Only for a couple of weeks. FWIW #2: I was also “on the road” for a bit over a week anyway…

    So there’s a “bit of work” to get things all put back together and “up” again. Starting with finding the current Solar Weather Report ;-)

    I guess it’s time to get back to work …

  15. Canadian Friend says:

    ” … information like passwords and bank account numbers will appear with a simple search as they are saved automatically in the snapshots. … ”

    So while you are in the shower the cleaning lady or the plumber can search and find your passwords and bank account numbers…

    Or your wife who is secretly planning to leave you can collect that information – while you are in the shower or mowing the lawn – and send it to her lover, they can then later empty your bank account before they ” elope” and go live in Argentina or Belgium…

    or if you have your laptop stolen and they manage to get in it, the criminals will have access to ALL your passwords and ALL your bank accounts.

    But guess who is jumping for joy and dancing a happy dance ? Democrats, the FBI and CIA ! Because when the next Democrat President sends them on a mission to find something -anything- to destroy, financially ruin or imprison a non-liberal political opponent it will be freakin easy !

  16. Canadian Friend says:

    And that system is called RECALL ??

    was there not a movie called ” Total recall” where computer technology was used against innocent people ?

    coincidence ?

  17. another ian says:

    E.M.

    FYI – I posted that W 11 “Recall” item at Jo Nova

    https://joannenova.com.au/2024/06/wednesday-59/#comment-2771351

    Downstream of that Linux got mentioned and I posted a “Watch for “System D””

    It has continued a bit – I’m thinking more in ignorance than enlightenment – and I don’t know enough to contribute further.

    Maybe you could add?

    TIA

  18. jim2 says:

    Here is a comment on SystemD by Jesse Smith on DistroWatch.

    First, is systemd dangerous? Most of the time, no, it’s probably not dangerous. Most systems running systemd don’t suffer from the experience. There have been a few bugs either caused by systemd or exposed by systemd which caused some pretty big problems in the past. The erasing files bug, the bricking hardware bug, the killing user processes at logout issue, and invalid username bug all come readily to mind. And, to be fair to people who don’t like how systemd has been managed, the reactions to these bugs from the systemd developers were not diplomatic.

    So there have been some serious bugs either caused by or exposed by systemd which could make running the software dangerous in the past in very specific situations. However, I don’t think that is what you meant. I get the impression you weren’t asking if systemd can be accidentally dangerous (any complex software can be problematic when it manages a lot of the low-level functions of an operating system), but were rather more interested in the “boogy man” concept, the idea that there is something malicious hiding in the code.

    Is there something malicious in the systemd code? To be honest it is difficult to tell for sure. The systemd code, like many large and complex software projects, is huge. Version 247 of systemd included over 2,000 source code files that contained over 500,000 lines of code. This doesn’t include unit tests, documentation, build rules, etc – just the source code. The whole archive is closer to 4,000 files containing about a million lines of text. In short, it’s more than I will have time to read this weekend to authoritatively answer the question of whether there are any naughty bits hidden in the code.

    However, with all that being said, I don’t think there is any malicious code in systemd. There are certainly bugs, there are design decisions I (and others) may not agree with, but I don’t think there are any hidden traps or backdoors in systemd that will compromise an operating system.

    Why do I tend toward the idea that systemd is not malicious? There are a few reasons. The first is that systemd is developed as free and open source software in a public repository. For someone to insert something nasty into systemd they would need to do it not only in front of the world, but under the noses of other systemd developers. Or we need to go full on conspiracy theory and believe all the systemd developers are either malicious or unaware of the code being committed to their repository. I think both are unlikely.

    Second, systemd has been around for nearly a decade. It has been widely adopted for at least half that time. If there were backdoors in systemd then it would seem odd we haven’t heard about any ill effects. Where are the system administrators reporting weird network traffic from compromised machines? Where are the port scanners reporting mysterious openings? Where are the botnets of millions of Linux machines running systemd? I haven’t heard of any of these things happening and you would think, after half a decade of deployment on millions of machines, if there were an exploit then at least one person would have noticed by now.

    Third, and finally, as I mentioned before systemd is open source software. There are a lot of people, or at least a very vocal minority of people in the Linux community, who strongly dislike systemd, for one reason or another. Not one of them has dug into the source code for systemd and found an intentional problem. People have spotted bugs and some questionable choices in approach, but nothing that is going to turn your computer into a spam-flinging zombie. If anything, systemd’s sandboxing features probably make it more secure in some situations than the alternatives.

    https://distrowatch.com/weekly.php?issue=20210125#qa

  19. jim2 says:

    As of 2022, Linux malware was on the rise, but Windoze was still worse. Haven’t found data for 2023.

    https://tech.co/antivirus-software/what-is-the-most-secure-os

  20. jim2 says:

    While considering the statistics of computer operating systems based on cybersecurity, the Microsoft Windows OS was found to be the most vulnerable to malware, having a 54.4% of all computer cyberattacks. Following the Windows OS was Linux, which has about 39.4%, and macOS, with 6.2%.

    https://techreport.com/statistics/software-web/antivirus-statistics/

  21. E.M.Smith says:

    @Another Ian:

    I do not visit other sites “on demand” to enter into “food fights”.

    Realize that ANY mention of SystemD is likely to result in a “food fight” over it, since it has been that way since the initial inception some decade+ ago. There are two factions that generally find the other “foolish” at best and “stupid” or worse more commonly. Stepping into the middle of that is generally not fun and generates a lot more heat than light. The arguments have all been made, and folks have chosen up sides. Attempting to change that results in strong push back to no end.

    THE basic argument is just that SystemD violates “the Unix way” of “do one small thing and do it well”. An example of that is the “init” code example of about a dozen simple clear lines. That is ALL that is required of “init”. Simple, clean, provably secure. Compare SystemD (that started life as a claimed improvement on init) at over 4000 files and million+ lines of code. IMHO “nuts” on first glance at that fact. Others will think it “just fine and look at all the neat things it does!”… And no, not going to step into that fight somewhere else.

    @Jim2:

    The basic problem with that assertion of “looks safe from the outside” is that the actual deliberate insertion of a security hole is not something that looks like:

    IF {magic cookie in byte 2002} do {begin superuser mode};

    They are way way way more subtle. Often involving things that are far from each other in the code base, one pokes something reasonable into somewhere reasonable and another uses a side effect to gain just a tiny bit of advantage that another bit inserted as a running object by the ‘exploit code’, only run at the time of the attempted exploit, can use to gain more privileges. These are not the kinds of things that the Average Programmer will see, even if they look at them. And, unless a TLA who put it into the code base actively exploits it, you will NOT find it running a Bot Farm of crypto miners… Now hide that in a couple of million lines of code and even skilled security coders will have trouble finding it.

    Look at the OpenSSH exposure that was around for years before it was discovered:
    https://www.itpro.com/security/cyber-attacks/openssh-vulnerability-uncovered-by-researchers-rce-exploit-developed

    That’s your model to have in mind. Not “nobody has found it yet”…

    FWIW, IF you want a really secure OS, look at BSD not Linux. The BSD folks are highly protective of their reliability and stability and enforce The Unix Way fairly strongly. Linux was that way at the start, but about 20 to 30 years ago started a “run for every feature possible” at the expense of security, stability, and manageability.

    I’m highly likely to start bringing up more BSD systems “going forward” and moving away from Linux systems (other than for one or two desktop / workstation systems for some Linux Only “feature” or other). Yes, it’s been close to 40 years since I managed one on a regular basis (other than a toy system to test bringing up BSD), but the skill set is mostly still intact. Why? Because of those Linux Exploit stats…

    The Mac is based on the Mach Kernel and with a “BSD Derived” layer that is “Linux Like” (so people say) in that Linux and BSD share many utility commands (in style at least, if not in source code). But want to know why it has so few exploits? Apple emphasis on security AND the Mach / BSD base of the system.

    So while 20 to 30 years ago Linux was about as secure as BSD, it has diverged ever more with every year, and then SystemD came along and created a whole ecology of new / different / buggy / enormous code to exploit.

    That I was “bit” by a 1/2 dozen egregious bugs in it during mid-early rollout did not instill confidence in the developers… The one that still “smarts” is the way that it took over home directory mounts – so sometimes I could move my home directory via /etc/fstab yet other times I’d end up in some other directory… nothing like having your files end up going to 2 different places as SystemD fought with basic Linux Way code… and with what permissions? With what access to whom? With what programs failing to find the expected home directory config files? Just horribly bad design and worse injection into the system (with, it would seem, no testing of compatibility with the base OS design).

    So out of control developers produced a buggy “improved feature” and shipped it with lousy QA (in that it did not find this mistake) and I’m supposed to trust them? Nope.

    That’s one of a half dozen or so similar Aw Shits that drove me away early on. And I’ll never go back, since now those kinds of things are buried in a million+ lines of code that nobody with the necessary skill will want to spend their life de-tangling.

    Which is why I’m going to continue to run SystemD Free Linux as long as it is not too hard to do / get; but will start migrating some things off to BSD Land where it is provably secure for almost everything and where The Unix Way continues to be enforced.

    Of NO INTEREST AT ALL: Windoze
    Of Almost No Interest at all: SystemD based systems
    Useful for most home things: Linux free of SystemD (but with limited choices)
    Most useful for ease of use with security: Macintosh (but expensive)
    Highly Secure for servers & such: BSD (but with high technical burden on the user)

    Note too that BSD (largely due to a very limited supply of high end developers working on it) has limited support for new hardware platforms and is very limited in “New cool software support” as that is where most security issues first show up… and is especially limited in GUI ease of install / support. Basically, it is up to you to be your own systems programmer and systems admin, in a not very hand-holdy environment. So you better like tech work.

  22. E.M.Smith says:

    Well, I’m back on a Raspberry Pi in “my lab”. This involved a whole Lab Bringup as I’d shut it all down for the solar storm panic (that came to nothing).

    Got to rediscover what all network cables I’d pulled and UPS unplugged AND reset all the system dates to something sane (as, after a long downtime, they will not resync with the time server if too far out of date…)

    But once again I now have my PiHole DNS running, my proxy server, my second level of isolation interior network (far removed from the Telco network…) and such.

    Next I’ll bring up a faster running XU4 with Octo-Cores for a faster experience (though, frankly, this R.Pi is fast enough for web pages and postings… just not for videos as it is a R.Pi M3…)

    Well, time to get back to all the rest of what I’m trying to get done today ;-)

  23. another ian says:

    FWIW

    “Windows Recall demands an extraordinary level of trust that Microsoft hasn’t earned”

    “Op-ed: The risks to Recall are way too high for security to be secondary.”

    https://arstechnica.com/

  24. E.M.Smith says:

    Looks like folks have already written a Python script to mine “Recall” for everything you have done on your PC:
    https://odysee.com/@AlphaNerd:8/hacking-windows-recall-to-see-everything:8

  25. Power Grab says:

    Things like this always make me think things like…”How hard would it be for the perps to create items in the Recall database that make it look like you did something that you didn’t do?”

  26. cdquarles says:

    I’d say, not hard at all, once a malicious person had access to it.

  27. E.M.Smith says:

    Given that the file is not encrypted and can be found / read and clearly written since the OS is writing it: All one would need to do is make the desired image / results and insert it into the file in the right place via editing the file.

    It would be harder if the file (files?) were binary blobs and harder still if they were encrypted; but from what I’ve seen, they are not.

    Oh, and given that this gets updated constantly, you don’t even need to worry about fixing the time stamp, since it will get updated shortly after you are done with your edits. One would need to capture the incremental additions during the time you are doing the edits and append them at the end, so it looks like the file was in constant use / updates…

  28. jim2 says:

    @https://chiefio.wordpress.com/2024/05/27/oh-gawd-windoze-11-to-record-all-your-screens-are-belong-to-us/#comment-170633

    Sounds like the movie Looper.

  29. jim2 says:

    Microsoft says that all of this data is encrypted using BitLocker tied to the user’s Windows account and is not shared with other users on the same device.

    Microsoft’s promises have not done much to reassure the cybersecurity community or its customers, with our tweet regarding this new feature receiving over 90 comments, all negative.

    So, why are most cybersecurity experts, researchers, and analysts so worried about this feature?

    First and foremost, large companies have a history of exploiting users’ data for their own profit, making it hard for users to trust Microsoft when they say they won’t access the Recall data.

    Users are not alone, as the United Kingdom’s data protection agency, the Information Commissioner’s Office (ICO), is also contacting Microsoft to ensure that users’ data will be properly safeguarded and not used by the company.

    https://www.bleepingcomputer.com/news/microsoft/microsofts-new-windows-11-recall-is-a-privacy-nightmare/

  30. E.M.Smith says:

    In order for the “feature” to work, the data must at some point be decrypted. That’s your attack surface. Somewhere it has the keys and at some point the result must be presented to the user.

    But, realistically, IF someone has access to the machine, they don’t need to do any of that. Just visit some porn site and let the screen be captured. Then it is stored in the data cache and you have your “evidence”…

  31. another ian says:

    Another one –

    “Adobe Monitors What You Do With Their Software”

    https://hotair.com/david-strom/2024/06/06/adobe-monitors-what-you-do-with-their-software-n3789776

    Acrobat?
